Remote connections are indirect

nickofearth · August 21, 2024, 6:37pm

Server Version#: 1.40.5.8854

I need some help figuring out why an indirect connection is being used when outside of my home network. It doesn’t seem to matter what device is used (xbox, TiVo (!), Fire Stick, Chromecast).

Remote Access will show green for awhile, and then drop off and stay red until I tell it to retry, at which point it goes green again. It doesn’t seem to matter, though, as the streams are always through the relay server.

I have tried any troubleshooting steps I have found in the forum, and I am just stuck.

I currently have port forwarding configured on my router, the firewall on the server is open for the forwarded port, UPNP is enabled on the router, and PMS is not behind a VPN.

The PMS has a static local IPv4 address, and IPv6 is not in use.

The PMS is Ubuntu 22.04 LTS.

Any help would be greatly appreciated!

Menel · August 21, 2024, 8:32pm

Are you positive you have a publicly available IP vs CGNAT.

Do any other port forwarding services work, can you test them.
iperf3 is easy

run it on local machine
setup your port forward of 5201, to the local machine ip
run it from outside the network, from phone with wifi disabled on cellular if you need

UPNP is usually not a good idea for security.
Ubuntu doesn’t much need it’s local firewall, for at least temporary testing purposes until you prove things out, I would disable the ubuntu ufw.

nickofearth · August 21, 2024, 9:13pm

My kids’ friends can remotely access the Minecraft server running on the system, so the IP address shouldn’t be the problem.

the iperf3 test failed… it works when I am connected to the local WiFi, but it failed when I was going through my mobile carrier.

YouGetSignal.com is also reporting both ports are closed.

I tried disabling the firewall on my router, and there was no change in iperf3 or YouGetSignal.com results.

UPNP is something I normally keep off, but I left it on after turning it on during troubleshooting this issue. Same with the Ubuntu firewall. I have now disabled them both.

nickofearth · August 21, 2024, 9:28pm

I just verified with my ISP that they do not use a CGNAT, and I do have a public IP.

tom80H · August 22, 2024, 5:34am

Can you share the findings / individual outputs of the troubleshooting steps?
You should be able to verify if your router got a publicly routable IP address on the router and compare if that’s the same public IP seen by YouGetSignal.

nickofearth · August 22, 2024, 2:54pm

Hi, Tom -
Yes, the IP address reported by the router is the same as is reported by YouGetSignal.

iperf3 fails with the message:
Unable to connect to server, connection timed out

YouGetSignal fails with the message:
Port 32400 is closed on x.x.x.x

portchecker.com failes with the message:
Port 32400 is closed

I am getting these same messages from the Minecraft ports, so it’s looking like a router issue.

Router and Plex settings:
Current status:
All firewalls are disabled, except for the router firewall.
Router: In the port forwarding list, I have an entry called “Plex” with “External Port” set to 32400, “Internal Port” set to 32400, “Protocol” set to TCP, with the “Internal IP Address” of the PMS.
Plex: “Manually specify the public port” is set to “32400” - goes green for a bit, then turns red

iperf3: Port 5201 is forwarded to the PMS, and iperf3 is listening on port 5201 on the PMS.

In the router’s port forwarding log, there are the following entries:
Source: ALL
Destination: ALL
Proto: TCP
Port range: 32400
Open by: VSERVER
Redirect to: xx.xx.xx.xx (this is the local PMS static IP address)
Client name: plex-server
Local port: 32400

There is an identical entry for iperf3, except it’s port range and local port are 5201.

Previously tried:

Several different ports, but always matched between the router port forwarding entry and Plex manually specified port. Same results.
Router: UPNP enabled, no port forwarding configured. Plex manual setting disabled. Same result.
Router: UPNP enabled, port forwarding configured to port 32400. Plex manual setting disabled. Same result.
Router: UPNP enabled, port forwarding configured to a different port, plex manual setting to that port. Same result.
Router: UPNP enabled, port forwarding configured to port 32400. Plex manual setting to 32400. Same result.
Router: UPNP disabled, port forwarding configured to port 32400. Plex manual setting to 32400. Same result.

Using a port scanner from my phone:
When connected to the local wifi network:
The local PMS IP address: it sees 8 ports open, including port 32400
The public IP address: it sees the same 8 ports open, including port 32400

When connected to my carrier’s network::
The scanner sees 4 ports open, but not port 32400.
YouGetSignal and PortChecker both say those 4 open ports are closed.

ChuckPa · August 22, 2024, 6:42pm

@nickofearth

Which modem/router make & model please ?

I’ll go get the user manual.

nickofearth · August 22, 2024, 6:52pm

Hi, ChuckPa!
Here is a link to the manual download page for my router:

EDIT:
I have fiber internet, and the fiber ONT is in bridge mode. I verified with my ISP that while it is in bridge mode, it doesn’t do anything but pass data between my router and the internet. I also confirmed that they don’t block any traffic, ports, etc.

nickofearth · August 22, 2024, 7:23pm

@ChuckPa I think I’ve got it - but I have stopped to let you know that you don’t need to spend any time on my issue. I know how involved you are with Plex, and I don’t want you to spend time on my issue since I think I figured it out… Thank you for all your effort over the years!!

ChuckPa · August 22, 2024, 7:23pm

Good. This means you have raw access to the fiber.
Your router’s WAN IP should be what the ISP assigned you.

As for configuring.

Reference documentation:

Page 71 NAT Passthrough

This page:

Screenshot from 2024-08-22 15-19-23702×686 109 KB
Specifics:
– Ignore “Famous Server”
– Ignore “Famous Port”
– Custom Configuration
– Service Name: Plex Media Server
– Protocol: TCP
– External Port: Any 5 digit number from 10000 → 65534
– (I use my birthday: 40262 – Use whatever you like)
– Internal port: 32400
– Internal IP address: LAN IP of your Plex server
– Leave the other fields empty
Now tell PMS to use Manual port and give it your WAN port number 40262

OK and then, I think “Apply” or “Save”

ChuckPa · August 22, 2024, 7:23pm

This what you did ?

nickofearth · August 22, 2024, 7:54pm

No, I had already tried what you said, and it didn’t work… and it’s obvious why, now that I see the issue. It also makes me a liar in my original post!

A while back, maybe 2 months ago, I had disconnected Windscribe VPN because it’s split tunneling on Linux is unsupported. I was trying to use it to encrypt all traffic that isn’t related to Plex Media Server. I left it installed, just disconnected.

Well, after a reboot, it reconnected itself, so the VPN was back on and I didn’t realize it.

Yep, I’m a dummy.

Menel · August 22, 2024, 8:40pm

We are all dummies at times.

ChuckPa · August 23, 2024, 6:27am

I have an ample supply of “PEBKAC” pins in a jar I wear as needed.
Should I send you a few?

LOL

Screenshot from 2024-08-23 02-58-37

nickofearth · August 23, 2024, 1:52pm

I’d wear one with a mixture of pride and shame!

system · November 21, 2024, 1:52pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Trouble with Remote Access Remote Access server-windows	5	256	January 25, 2020
PMS Remote Indirect Connections only Remote Access server-windows	34	874	November 25, 2020
Server shows indirect access on Android App and GUI shows disconnected. General Discussions	4	121	January 7, 2020
Remote access kind of working, but not Remote Access server-linux	10	226	June 17, 2020
Fully accessible but indirect connection Desktops & Laptops server-windows	4	543	February 4, 2019

Remote connections are indirect

Related topics